Dear Developers,
I was wondering if the new Open Ondemand 4.1.x is NIST 800-171 compliant? And if it’s not, are you planning on making the product compliant in the near future?
Thank you for your time,
–David
David:
In the subject you mention NIST 800-171 (more commonly called ‘CUI’ or ‘CMMC’), but in the message you mentioned NIST 140 (more commonly called ‘FIPS’). Which are you specifically looking for?
My limited understanding of these is that it isn’t really appropriate for Open OnDemand itself to be ‘certified compliant’ for either. I could be mistaken on this, but CMMC/CUI certification is generally associated with an organization / institution and their specific deployments/configurations of services. FIPS is similar, but generally involved cryptographic aspects of services.
Are you aware of other open source software products documenting ‘compliance’ with these standards that could serve as a guideline for us?
Hi,
I’m sorry about that. I’ve edited the message and corrected my mistake. I will get back to you on an example that we have in house. Thanks for the quick reply.
–David